You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Jan Høydahl (Jira)" <ji...@apache.org> on 2022/01/30 01:43:00 UTC

[jira] [Commented] (SOLR-15936) Fix confusing SSL related warn logs on sartup

    [ https://issues.apache.org/jira/browse/SOLR-15936?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17484285#comment-17484285 ] 

Jan Høydahl commented on SOLR-15936:
------------------------------------

I found the reason for these. The new Http2SolrClient always initialized an SslContextFactory, even if SSL was not configured. I have a patch for that.

But then I started looking at a typical Solr startup, and found more log lines that really don't provide much value to users. I have highlighted the lines that I propose to mute:

 
{panel:title=Startup log fragment}
{{$ bin/solr start -f  }}
{{OpenJDK 64-Bit Server VM warning: -XX:+UseLargePages not supported in this VM}}
{{INFO  (main) [] o.e.j.u.log Logging initialized @1044ms to org.eclipse.jetty.util.log.Slf4jLog}}
{{INFO  (main) [] o.e.j.s.Server jetty-9.4.44.v20210927; built: 2021-09-27T23:02:44.612Z; git: 8da83308eeca865e495e53ef315a249d63ba9332; jvm 11.0.13+8}}
{{{color:#de350b}INFO  (main) [] o.e.j.d.p.ScanningAppProvider Deployment monitor [file:///Users/janhoy/git/solr/solr/packaging/build/dev/server/contexts/] at interval 0{color}}}
{{{color:#de350b}INFO  (main) [] o.e.j.w.StandardDescriptorProcessor NO JSP Support for /solr, did not find org.apache.jasper.servlet.JspServlet{color}}}
{{{color:#de350b}INFO  (main) [] o.e.j.s.session DefaultSessionIdManager workerName=node0{color}}}
{{{color:#de350b}INFO  (main) [] o.e.j.s.session No SessionScavenger set, using defaults{color}}}
{{{color:#de350b}INFO  (main) [] o.e.j.s.session node0 Scavenging every 660000ms{color}}}
{{INFO  (main) [] o.a.s.s.CoreContainerProvider Using logger factory org.apache.logging.slf4j.Log4jLoggerFactory}}
{{INFO  (main) [] o.a.s.s.CoreContainerProvider  ___      _       Welcome to Apache Solr™ version 10.0.0-SNAPSHOT}}
{{INFO  (main) [] o.a.s.s.CoreContainerProvider / __| ___| |_ _   Starting in standalone mode on port 8983}}
{{INFO  (main) [] o.a.s.s.CoreContainerProvider \__ \/ _ \ | '_|  Install dir: /Users/janhoy/git/solr/solr/packaging/build/dev}}
{{INFO  (main) [] o.a.s.s.CoreContainerProvider |___/\___/_|_|    Start time: 2022-01-29T11:18:59.328243Z}}
{{INFO  (main) [] o.a.s.s.CoreContainerProvider Solr Home: /tmp/solrhome (source: system property: solr.solr.home)}}
{{INFO  (main) [] o.a.s.c.SolrXmlConfig solr.xml not found in SOLR_HOME, using built-in default}}
{{INFO  (main) [] o.a.s.c.SolrXmlConfig Loading solr.xml from /Users/janhoy/git/solr/solr/packaging/build/dev/server/solr/solr.xml}}
{{{color:#de350b}INFO  (main) [] o.a.s.c.SolrXmlConfig MBean server found: com.sun.jmx.mbeanserver.JmxMBeanServer@6ed3f258, but no JMX reporters were configured - adding default JMX reporter.{color}}}
{{{color:#de350b}WARN  (main) [] o.e.j.u.s.S.config Trusting all certificates configured for Client@799ed4e8[provider=null,keyStore=null,trustStore=null]{color}}}
{{{color:#de350b}WARN  (main) [] o.e.j.u.s.S.config No Client EndPointIdentificationAlgorithm configured for Client@799ed4e8[provider=null,keyStore=null,trustStore=null]{color}}}
{{{color:#de350b}WARN  (main) [] o.e.j.u.s.S.config Trusting all certificates configured for Client@6a2c717f[provider=null,keyStore=null,trustStore=null]{color}}}
{{{color:#de350b}WARN  (main) [] o.e.j.u.s.S.config No Client EndPointIdentificationAlgorithm configured for Client@6a2c717f[provider=null,keyStore=null,trustStore=null]{color}}}
{{WARN  (main) [] o.a.s.u.StartupLoggingUtils Jetty request logging enabled. Will retain logs for last 3 days. See chapter "Configuring Logging" in reference guide for how to configure.}}
{{WARN  (main) [] o.a.s.c.CoreContainer Not all security plugins configured!  authentication=disabled authorization=disabled.  Solr is only as secure as you make it. Consider configuring authentication/authorization before exposing Solr to users internal or external.  See https://s.apache.org/solrsecurity for more info}}
{{{color:#de350b}INFO  (main) [] o.a.s.m.r.SolrJmxReporter JMX monitoring for 'solr.node' (registry 'solr.node') enabled at server: com.sun.jmx.mbeanserver.JmxMBeanServer@6ed3f258{color}}}
{{{color:#de350b}INFO  (main) [] o.a.s.m.r.SolrJmxReporter JMX monitoring for 'solr.jvm' (registry 'solr.jvm') enabled at server: com.sun.jmx.mbeanserver.JmxMBeanServer@6ed3f258{color}}}
{{{color:#de350b}INFO  (main) [] o.a.s.m.r.SolrJmxReporter JMX monitoring for 'solr.jetty' (registry 'solr.jetty') enabled at server: com.sun.jmx.mbeanserver.JmxMBeanServer@6ed3f258{color}}}
{{INFO  (main) [] o.a.s.c.CorePropertiesLocator Found 0 core definitions underneath /tmp/solrhome}}
{{INFO  (main) [] o.e.j.s.h.ContextHandler Started o.e.j.w.WebAppContext@xxxxxx\{/solr,file:///Users/janhoy/git/solr/solr/packaging/build/dev/server/solr-webapp/webapp/,AVAILABLE}{/Users/janhoy/git/solr/solr/packaging/build/dev/server/solr-webapp/webapp}}}
{{INFO  (main) [] o.e.j.s.RequestLogWriter Opened /Users/janhoy/git/solr/solr/packaging/build/dev/server/logs/2022_01_30.request.log}}
{{INFO  (main) [] o.e.j.s.AbstractConnector Started ServerConnector@xxxxxx\{HTTP/1.1, (http/1.1, h2c)}{127.0.0.1:8983}}}
{{INFO  (main) [] o.e.j.s.Server Started @2623ms}}
{panel}
 

> Fix confusing SSL related warn logs on sartup
> ---------------------------------------------
>
>                 Key: SOLR-15936
>                 URL: https://issues.apache.org/jira/browse/SOLR-15936
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Jan Høydahl
>            Priority: Major
>
> Jetty is logging these lines on every startup (SSL not enabled):
> {code:java}
> 2022-01-19 11:43:18.053 WARN  (main) [] o.e.j.u.s.S.config Trusting all certificates configured for Client@62dbe64e[provider=null,keyStore=null,trustStore=null]
> 2022-01-19 11:43:18.053 WARN  (main) [] o.e.j.u.s.S.config No Client EndPointIdentificationAlgorithm configured for Client@62dbe64e[provider=null,keyStore=null,trustStore=null]
> 2022-01-19 11:43:18.194 WARN  (main) [] o.e.j.u.s.S.config Trusting all certificates configured for Client@12fe1f28[provider=null,keyStore=null,trustStore=null]
> 2022-01-19 11:43:18.194 WARN  (main) [] o.e.j.u.s.S.config No Client EndPointIdentificationAlgorithm configured for Client@12fe1f28[provider=null,keyStore=null,trustStore=null]
> 2 {code}
> Why is this class is even triggered in a non-ssl config? Or do we have some mis-configuration of Solr's default truststore or something that we should act on?
> Once this is fixed, PR [https://github.com/apache/solr/pull/543] can be addressed, which moves LogWatcher earlier in the solr startup process to get as much logs as possible in the UI.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org